---
license: mit
tags:
- security-research
- modelscan-bypass
- pickle-safety
---

# modelscan-bypass-pathlib-read

## Modelscan Bypass PoC — pathlib.Path + operator.methodcaller

**Severity**: HIGH

**Impact**: Arbitrary file read via `pathlib.Path.read_text()`

**modelscan version**: 0.7.6

**Chain**: `pathlib.Path("/etc/passwd")` + `operator.methodcaller("read_text")` → reads any file

**Root cause**: Neither `pathlib` nor `operator.methodcaller` is in the modelscan blocklist.
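The root cause above is a property of any denylist-based pickle check, and the following added example (not code from this repository or from modelscan) shows it from the defender's side: a static pass with `pickletools` lists the globals a pickle would import, then compares a denylist verdict with an allowlist verdict. `DENYLIST`, `ALLOWLIST`, `SAMPLE` and the function names are assumptions made for illustration; the sample bytes are constructed, only reference the two callables, and are never unpickled.

```python
import pickletools

# Hypothetical policies for illustration; NOT modelscan's actual lists.
DENYLIST = {"os", "posix", "nt", "subprocess", "builtins", "sys"}
ALLOWLIST = {("collections", "OrderedDict"), ("builtins", "dict")}

# Constructed sample: it only *references* the two callables named in the
# chain (no REDUCE opcode, so nothing is called) and is never unpickled here.
SAMPLE = (b"\x80\x04("                                  # PROTO 4, MARK
          b"cpathlib\nPath\n"                           # GLOBAL pathlib.Path
          b"\x8c\x08operator\x8c\x0cmethodcaller\x93"   # two strings + STACK_GLOBAL
          b"l.")                                        # LIST, STOP


def imported_globals(data: bytes) -> list[tuple[str, str]]:
    """Statically list the (module, name) pairs a pickle would import."""
    found, strings = [], []
    for opcode, arg, _pos in pickletools.genops(data):
        if opcode.name == "GLOBAL":
            module, name = arg.split(" ", 1)
            found.append((module, name))
        elif opcode.name == "STACK_GLOBAL":
            # Heuristic: module and name are the two most recent string pushes.
            # Strings fetched back from the memo are not tracked, so an
            # unresolved import is reported rather than silently skipped.
            if len(strings) < 2:
                found.append(("<unresolved>", "<unresolved>"))
            else:
                found.append((strings[-2], strings[-1]))
        elif isinstance(arg, str):
            strings.append(arg)
    return found


def denylist_hits(refs):
    """Imports whose top-level module is explicitly blocked."""
    return [r for r in refs if r[0].split(".")[0] in DENYLIST]


def allowlist_violations(refs):
    """Imports that are not explicitly permitted (fail closed)."""
    return [r for r in refs if r not in ALLOWLIST]


if __name__ == "__main__":
    refs = imported_globals(SAMPLE)
    print("imports:             ", refs)
    print("denylist hits:       ", denylist_hits(refs))
    print("allowlist violations:", allowlist_violations(refs))
```

The denylist reports nothing for the sample, while the allowlist flags both imports because neither is explicitly permitted.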